CVE-2011-4016Improper Input Validation in Cisco IOS

CWE-20Improper Input ValidationCWE-284Improper Access Control3 documents3 sources
Severity
5.4MEDIUMNVD
EPSS
0.5%
top 33.85%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS
Timeline
PublishedMay 2
Latest updateMay 17

Description

The PPP implementation in Cisco IOS 12.2 and 15.0 through 15.2, when Point-to-Point Termination and Aggregation (PTA) and L2TP are used, allows remote attackers to cause a denial of service (device crash) via crafted network traffic, aka Bug ID CSCtf71673.

CVSS vector

AV:N/AC:H/C:N/I:N/A:CExploitability: 4.9 | Impact: 6.9

Affected Packages1 packages

NVDcisco/ios4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-rf3j-84v2-5387: The PPP implementation in Cisco IOS 122022-05-17
CVEList
CVE-2011-4016: The PPP implementation in Cisco IOS 122012-05-02
CVE-2011-4016 — Improper Input Validation in Cisco IOS | cvebase